Prince’s Trust tightens security

Overview:

The Prince’s Trust is the UK’s leading youth charity. It gives practical and financial support, developing key workplace skills such as confidence and motivation. It works with 14- to 30-year-olds who have struggled at school, have been in care, are long-term unemployed or have been in trouble with the law.

Due to the nature of its work, The Trust holds highly confidential and sensitive information about the young people that it works with. The security of this data is paramount but can be difficult to manage. The Prince’s Trust’s diversified geographic spread in the UK presents some challenging logistical problems for the headquarters in London as there are 350 remote employees who need to gain access to centralised IT systems from different locations on a regular basis.

The security of The Trust’s data has recently been enhanced following a reevaluation of security technology used by its staff.

Challenge

Single-factor authentication uses only a single password to access classified data and networks, so it is not the most secure option. It’s all too easy for staff to leave passwords lying around for unauthorised eyes, leaving the door wide open for opportunistic hackers. But a more advanced solution could mean boundless costs and a complicated system overhaul.

“Our previous security process, operating on checkpoint firewall, used single-factor authentication, but it wasn’t enough,” said Matthew Brentnall, senior head of IT for The Prince’s Trust. “We needed to find a way of deploying a two-factor system without incurring excessive costs.”

Solution

SecurEnvoy, the inventor of tokenless two-factor authentication, offered the charity the perfect cost-effective solution in the form of SecurAccess. Using the SMS feature on mobile phones, SecurEnvoy transforms any mobile phone into a virtual authentication device. Organisations can easily implement high-security remote access for all their users with a mere touch of a button, which sends an authentication code via SMS. There’s no need for additional hardware such as tokens. This also makes SecurAccess a much greener alternative, as it has one of the smallest IT footprints on the market.

Matt commented: “SecurAccess was the best system for us as it wasn’t as costly as the competition and was much easier and faster to implement. Also, unlike token-based security solutions there is no risk of employees forgetting or loosing hardware tokens. Using their mobiles, which staff always have on them, seemed like a great idea and the best process for us.”